Bit9 Hacked, Attackers Steal Code-Signing Certificate

The hackers have signed malware with the stolen certificate

Bit9 hacked

The networks of security solutions provider Bit9 have been breached by cybercriminals. The attackers have gained access to one of the company’s code-signing certificates and have utilized it to sign malware.

Malicious hackers pose a serious risk these days, even if you’re an organization that helps others protect themselves against malware and hackers.

According to Bit9 representatives, the attackers have managed to penetrate their networks because they have failed to install their own security products on a number of computers.

“There is no indication that this was the result of an issue with our product. Our investigation also shows that our product was not compromised. We simply did not follow the best practices we recommend to our customers by making certain our product was on all physical and virtual machines within Bit9,” Bit9’s Patrick Morley said.

The malware signed with the certificates stolen from the company has been used against three of their customers.

As soon as the breach was discovered, Bit9 revoked the compromised certificate. In addition, steps have been taken to ensure that all the machines from the firm’s network, both virtual and physical, benefit from proper protection.

While there’s no evidence that their products have been compromised, Bit9 is preparing a patch to automatically detect and neutralize malicious elements that illegally use the digital certificate.

“While we (and we hope our customers) are comforted somewhat by the fact that this incident was not the result of an issue with our product, the fact that this happened—even to us—shows that the threat from malicious actors is very real, extremely sophisticated, and that all of us must be vigilant,” Morley added.

“We are confident that the steps we have taken will address this incident while preventing a similar issue from occurring again.”